Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
File:                     RNvjYmp2sEoSCIlwSViGPUJjLw8.mft (raw, json)
Hash identifier:          WOnyu8OhxuMmNKNG5Y5yh06NOep4WH5lEnrlwKPLyjs=
Subject key identifier:   6E:A6:2F:11:76:5D:22:7E:4A:C0:36:81:C2:28:27:41:78:6D:54:44
Authority key identifier: 44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
Certificate issuer:       /CN=44dbe3626a76b04a120889704958863d42632f0f
Certificate serial:       019A71EEA48FC2189BD8F43E3EC235314E64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
Manifest number:          052E
Signing time:             Tue 11 Nov 2025 08:00:56 +0000
Manifest this update:     Tue 11 Nov 2025 08:00:56 +0000
Manifest next update:     Wed 12 Nov 2025 08:00:56 +0000
Files and hashes:         1: RNvjYmp2sEoSCIlwSViGPUJjLw8.crl (hash: QqITkPhJ46u/JMEXClt+y51CblRVeLQsDFSD9CVx90I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:a4:8f:c2:18:9b:d8:f4:3e:3e:c2:35:31:4e:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44dbe3626a76b04a120889704958863d42632f0f
        Validity
            Not Before: Nov 11 08:00:56 2025 GMT
            Not After : Nov 12 08:00:56 2025 GMT
        Subject: CN=6ea62f11765d227e4ac03681c2282741786d5444
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:c6:3e:c0:40:ff:df:86:cf:4f:e2:ff:d5:0e:
                    3d:41:f5:16:8e:52:6a:44:bf:cd:3d:80:28:3c:e2:
                    ca:92:4d:6f:b7:32:aa:b8:aa:e3:0f:25:98:12:4b:
                    cf:6d:37:9f:26:e7:48:ae:52:0d:8e:aa:80:e8:cd:
                    7d:18:c5:81:47:27:41:33:96:5f:be:95:63:e3:74:
                    01:80:a5:63:9e:78:9c:ad:d0:fd:5a:f2:52:67:00:
                    fa:e1:cf:a0:91:23:56:b9:1e:34:16:4e:90:f6:4c:
                    30:20:d7:3e:76:21:a2:29:35:07:ed:d1:d9:00:c2:
                    f1:14:3d:23:77:4a:bc:9f:4e:03:db:d7:a7:bd:06:
                    e2:f5:47:d8:74:eb:55:22:cd:c2:de:b4:1f:32:0e:
                    c7:46:08:00:99:4e:f1:1c:d8:0d:97:e4:93:d8:5b:
                    5a:48:d3:91:b6:23:89:a8:dc:e8:32:68:c5:b2:23:
                    38:87:68:41:b3:4f:e0:cf:df:04:a9:93:94:45:bc:
                    75:ff:80:41:d2:55:97:2b:d1:2d:ec:21:fe:f2:12:
                    aa:2f:90:5e:4b:2e:05:e9:8c:39:a3:ae:4d:35:0c:
                    97:d3:e7:81:0d:bf:ca:99:dc:12:dc:ff:c3:b3:7b:
                    e9:72:ee:4e:cf:2f:f4:49:80:05:10:fb:58:74:f9:
                    d8:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:A6:2F:11:76:5D:22:7E:4A:C0:36:81:C2:28:27:41:78:6D:54:44
            X509v3 Authority Key Identifier:
                keyid:44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:c7:85:7a:df:e0:33:c1:e4:66:5a:0a:49:d6:ca:96:a0:16:
         47:a4:02:23:19:a0:76:47:85:97:36:37:1c:73:12:05:4b:ac:
         d4:d2:64:93:52:dc:f6:22:dd:a2:24:0b:7d:7c:e5:a3:e3:33:
         14:4a:ee:7d:ec:cd:04:2c:ef:b9:61:65:6e:90:59:49:37:49:
         6c:ae:6a:da:c9:1b:c7:1b:60:b9:6e:30:cd:20:70:23:b7:06:
         aa:c5:45:a7:a9:f0:6b:db:76:ee:e1:80:48:81:e8:a9:20:4b:
         01:ea:39:ce:ec:d4:a1:9c:5a:bd:eb:d0:1b:87:fa:c3:62:4c:
         e9:82:29:1e:07:97:fe:fe:25:ee:24:08:24:17:35:73:95:e6:
         ed:16:92:f0:3b:47:0d:74:ca:cc:05:db:8e:fe:f0:27:cb:73:
         ec:dc:f9:71:25:52:6d:7b:ac:5c:54:13:33:33:e0:f4:3f:e5:
         c8:87:fd:f4:48:7b:f7:51:74:d0:7d:6f:2a:3c:9e:1c:3f:0b:
         2f:c9:8c:01:8f:cd:93:b2:64:88:66:70:ab:69:6e:31:a0:3a:
         02:df:ee:af:22:ff:49:85:53:2f:75:70:97:19:36:8b:11:66:
         11:50:ff:da:f6:47:b2:1e:ed:f5:2b:b3:fc:71:97:aa:cc:93:
         bf:e2:18:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7qSPwhib2PQ+PsI1MU5kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGJlMzYyNmE3NmIwNGExMjA4ODk3MDQ5NTg4NjNkNDI2
MzJmMGYwHhcNMjUxMTExMDgwMDU2WhcNMjUxMTEyMDgwMDU2WjAzMTEwLwYDVQQD
Eyg2ZWE2MmYxMTc2NWQyMjdlNGFjMDM2ODFjMjI4Mjc0MTc4NmQ1NDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsY+wED/34bPT+L/1Q49QfUWjlJq
RL/NPYAoPOLKkk1vtzKquKrjDyWYEkvPbTefJudIrlINjqqA6M19GMWBRydBM5Zf
vpVj43QBgKVjnnicrdD9WvJSZwD64c+gkSNWuR40Fk6Q9kwwINc+diGiKTUH7dHZ
AMLxFD0jd0q8n04D29envQbi9UfYdOtVIs3C3rQfMg7HRggAmU7xHNgNl+ST2Fta
SNORtiOJqNzoMmjFsiM4h2hBs0/gz98EqZOURbx1/4BB0lWXK9Et7CH+8hKqL5Be
Sy4F6Yw5o65NNQyX0+eBDb/KmdwS3P/Ds3vpcu5Ozy/0SYAFEPtYdPnYCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG6mLxF2XSJ+SsA2gcIoJ0F4bVREMB8GA1UdIwQY
MBaAFETb42JqdrBKEgiJcElYhj1CYy8PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDkt
ZGU4MWY5YWQ3NzljLzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDktZGU4MWY5YWQ3Nzlj
LzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIMeFet/g
M8HkZloKSdbKlqAWR6QCIxmgdkeFlzY3HHMSBUus1NJkk1Lc9iLdoiQLfXzlo+Mz
FErufezNBCzvuWFlbpBZSTdJbK5q2skbxxtguW4wzSBwI7cGqsVFp6nwa9t27uGA
SIHoqSBLAeo5zuzUoZxavevQG4f6w2JM6YIpHgeX/v4l7iQIJBc1c5Xm7RaS8DtH
DXTKzAXbjv7wJ8tz7Nz5cSVSbXusXFQTMzPg9D/lyIf99Eh791F00H1vKjyeHD8L
L8mMAY/Nk7JkiGZwq2luMaA6At/uryL/SYVTL3Vwlxk2ixFmEVD/2vZHsh7t9Suz
/HGXqsyTv+IYqQ==
-----END CERTIFICATE-----